Cyber Security Awareness and Vulnerabilities Blog

These days it seems like there are security solutions for almost everything except, the one thing you can never fully secure - humans. But, while you can’t control everything they open or click on, you can control their access to your sensitive data.…

  Another year, another Black Hat Conference! This year, we’re excited to represent as one company: SecureAuth + Core Security. Our newly combined company is the first to truly enable Identity and Security together to leverage one another in powerful new ways. We’ll be discussing…

These days it seems like there are security solutions for almost everything except, the one thing you can never fully secure - humans. But, while you can’t control everything they open or click on, you can control their access to your sensitive data.…

Identity Governance and Administration is a complex and growing, set of solutions that are put in place to help your organization stay compliant with government or industry regulations and, perhaps more importantly, help secure your organization. However, with every new solution, there are…

Since SecureAuth and Core Security merged in September 2017, the company has been dedicated to secure the enterprise across all principal threat vectors with an identity-based approach to the attack lifecycle. We identified six pillars of intelligent identity and security that represent our…

During penetration testing exercises, the ability to make a victim connect to an attacker’s controlled host provides an interesting approach for compromising systems. Such connections could be a consequence of tricking a victim into connecting to us (yes, we act as the attackers ;)…

This column’s question comes from a SecureAuth+Core Security customer who heard about some of the technologies we offer and was unfamiliar with the term Orphaned Account.    “What exactly is an Orphaned Account, how do they happen, and why are they dangerous to security?”  Well,…

When conducting a penetration test, most testers will develop some type of process, and repeat that same process on every engagement. As I think through the basics of penetration testing, I believe that process can be broken up into six steps. They are:   Information…

Here is the summary of all exploits released since April 2nd, the last Dot Release: 16 Updates overall  9 Remote exploits 4 Client-Side exploits 3 Product updates Here is the list of published updates: Remote Exploits: Disk Pulse Enterprise GET Buffer Overflow Exploit Disk Savvy Enterprise Buffer Overflow Exploit DiskBoss Enterprise Buffer…

Identity Governance & Administration (IGA) is commonly defined as “the policy-based centralized orchestration of user identity management and access control. Identity governance helps support enterprise IT security and regulatory compliance.” Or put into simpler terms, it’s putting in place a solution to ensure that…